03/14/2005 17:55 FAX 2022937860 



© 003/009 



Amendment Under 37 C.F.R. §1.111 
U.S. Appln. No. 09/465,514 



Attorney Docket # /.7254 / 
ST9-«-094 



REMARKS 



Applicant thanks the Examiner for considering the references cited with the Inform ition 
Disclosure Statement filed June 18, 2004. 

Status of the Application 

Claims 1-42 are all the claims pending in the Application. Claims 1-42 stand rejec ed. 

This Action is Improperly Made "Final" 

Applicant respectfully submits that this Action is improperly "Final." MPEP § 70e, 07(a) 

indicates that a "second or any subsequent actions on the merits shall be final, except wher 3 the 

examiner introduces a new ground of rejection that is neither necessitated by applicant's 

amendment of the claims nor based on information submitted in an information disclosure 

statement filed during the period set forth in 37 CFR 1 .97(c) ..." (emphasis added). 

Here, the Examiner has introduced new grounds of rejection, i.e., claims 17-23 as t sing 
direcled to non-statutory subject matter. This new rejection was nor. necessitated by applicant's 
amendment, as claims 1 7-23 were not amended in response to the April 22, 2004 Office Ac (ion. 
Nor vas this rejection based upon information submitted in an infoimation disclosure statement 
(IDS) during the 37 C.F.R. § 1 .97(c) period. 

Thus, Applicant respectfully submits that this is an improper "Final" Office Action, and 
requests the corresponding withdrawal of the "Finality." 

35 K.RG § 101 Rejection 

The Examiner has rejected independent claims 17 and 23 under 35 U.S.C. § 101 as 

allegedly being directed to non-statutory subject matter. Applicant respectfully disagrees. 



2 



PAGE 3/9 1 RCVDAT 3114/2005 5:54:51 PM [Eastern Standard Time]* SVR:USPTMFXRF-1/15 1 ONIS : 872 93 06 1 C SID: 202293 7860 J DURATION (ntJMS):02-26 



03/14/2005 17:55 FAX 2022937860 



1004/009 



Amendment Under 37 C.F.R, §1.111 
U.S. Appln. No. 09/465,514 



Attorney Docket # A 7254 / 
ST9- >8-094 



Claim 17 is directed to "[an] access control method comprising: requesting access 
MPEP § 2106(IV)(B)(2)(b) specifies that "a claim that requires one or more acts to be peri Drmed 
defines a process." "Requesting access" is an act. 

Claim 22 is directed to a "[a] computer-readable medium having computer-execut* ble 
code stored thereon, comprising: computer instructions for..." MPEP § 2106(IV)(B)(l)(a 
specifies thai "a claimed computer-readable medium encoded with a data structure define* 
strucoxral and functional interrelationships between the data structure and the computer so'tware 
and hardware components which permit the data structure's functionality to be realized, ar d is 
thus statutory " 

Accordingly, Applicant respectfully requests that the Examiner withdraw this rejet tion. 

35 LS.C. 6 102(e) Rejection 

The Examiner has rejected claims 1-42 under 35 U.S.C. § 1 02(e) as being anticipated by 

Gari: et al (US 6,625,603 Bl ; hereinafter "Garg et aV\ This rejection is respectfully tre versed. 

The Applied Reference 

Garg discloses an access control system (see FIG. r 0Ba t°^ a !^_ . ' ' . 



2, reproduced to the right) that operates within kernel 235 



of an operating system 200 of a computer (col. 3, lines 



12-26). Each object (e.g., files or folders) stored in the 




be n^used by another application" in the operating 



operating system 200 is assigned a GUID that is "not to 



systtsm 200 (col. 6, line 60 - col. 7, line 6). When 
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applications running in operating system 200 seek. to 

access an object, the applications call service provider module 210, which checks with acc :ss 
control module 240 (col. 13, line 60 - col, 14, line 12) to review an access control list of th.: 
object (col. 8, lines 23-28). The access control lists contains USER IDs or GROUPlDs thai are 
allowed access to the object (col 8, lines 33-38). 

However, while Garg does disclose system-wide GUIDs identifying particular objects, 
Garg fails to teach or suggest that these GUIDs are in any way unique across different sysi ans. 
Thus. Gatg's system still suffers from the same deficiencies as the related art of the instan 
AppI: cation, i.e., thai individual administrative domains, such as a university and an affilia :ed 
library, must maintain separate redundant access control information (sec FIGS. 1 and 2 ai d 
pages. 1-3 of Ihc instant Application). Applicant's specific comments regarding the pendir g 
claiirs follow. 

Independent Claims i. 6 and 10 

Applicant respectfully submits that Garg fails lo teach or suggest either a storage s 'stem, 

mem>ry or method where an object and an object identifier are stored, and where "the object 

ident .ficr identifies the object, and the object identifier is unique within and outside of the 

storage system," as recited in independent claims 1, 6 and 10. 

Specifically, Garg only discloses the provision of an object or object type GUID u ithin a 

sine!; storage system 200, as the only purpose of the GUIDs of Garg is to differentiate the 

individual objects managed by the object manager 225 within that operating system 200. 

Applicant respectfully submits thai there is no teaching or suggestion in Garg that the GU Ds 



4 



PAGE 519 1 RCVD AT 3(14/2005 5:54:51 PM [Eastern Standard Time] ' SVR:USPTO-EFX8F-1/15 ' DNIS:8729306 ' CSD:20229378&0 * DURATION (mm-ss):02-26 



03/14/2005 17:56 FAX 2022937860 



0 006/009 



Amendment Under 37 C.F.R. §1.111 
U.S. \ppln. No. 09/465,514 



Attorney Docket # A 725 4 / 
ST9- >8-094 



disclosed therein are in any way unique outside of the operating system 200 (or for that m* tter, 
object manager 225). 

Indep endent Claims 1 7 and 22 

Applicant respectfully submits that Garg fails to teach or suggest a method or code for 

"requesting access for a user to a remote resource, wherein the request includes a subject 

identifier for use in making an access control decision, and wherein the subject identifier \\ 

uniqi e within and outside of the remote resource and identifies the user," as recited in 

independent claim 17 and 22. 

Specifically, Garg fails to teach or suggest any identifier that "identifies the user" £ nd is 

"unique within and outside of the storage system." Rather, the GUlDs cited by the Examii er as 

having some correspondence to the unique identifiers recited in other claims only identify 

objects in an operating system, not users. As discussed above, the only identification of us ar in 

Garg is provided by a USERID or GROUPID. However, there is no teaching or suggestion in 

Garg that either the USERID or GROUPID is lt unique within and outside of the storage system.' 1 

Independent Claim 24 

Applicant respectfully submits that Garg fails to teach or suggest a method of ident fying 
a user comprising "sending a request for user information from the protecting reference mmitor 
to the resource manager, the request including a subject descriptor for the user, wherein the 
subjetf identifier is a Universal Unique Identifier (UUID); receiving, in response to the req jest, 
the user information located based on the subject identifier" as reciced in independent claii 1 24. 

Specifically, Garg fails to teach or suggest the use of a subject identifier for a user vhere 
the "subject identifier is a Universal Unique Identifier (UUID)." As discussed above, the c nly 
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identifiers of users in Garg are USERIDs and GROUPIDs, neither of which Garg indicate > to be 
universally "unique" in any way. 

Independent Claim 27 

Applicant respectfully submits that Garg fails lo teach or suggest an information slorage 

management system where "the resource manager receives a user's request for access to tb ? 

protected object, the request including a globally unique identifier for the user requesting t;ie 

access, and in response to the user's request the resource manager sends over the 

comriunications channel to an external storage management system a request forinformat on 

aboui the user, the request including the globally unique identifier/* as recited in independ ait 

claim 27. 

Specifically, Garg fails to teach or suggest the provision of a "globally unique ider :ifier" 
for a -'user." As discussed above, the only identifiers of users in Garg are USERIDs and 
GROUP IDs, neither of which Garg indicates to be "globally unique" in any way. 

Further, there is no teaching or suggestion of the use of a received "globally uniqut 
ident fier" to retrieve information about the user in Garg. Rather, Garg only utilizes USE] UDs 
and C'ROUPIDs as a static security list for access control. 

Independent Claim 30 

Applicant respectfully submits that Garg fails to teach or suggest an information st >rage 

management system where 4 'the resource manager receives a user's request for access to th i 

protected object, the request including a globally unique identifier for the user requesting t le 

acces3 3 and in response to the user's request the resource manager resolves the globally unique 
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ident. tier to a user identifier recognized by an external storage management system; the re: ource 
manager sending to the external storage management system a request for information abo at the 
user, the request including the resolved user identifier; and wherein the resource manager i .pon 
receiving a response including user information about the user passes the user information to the 
access control unit; and based on the user information the access control unit determines v hether 
to gnint the subject access to the protected object," as recited in independent claim 30. 

Specifically, Garg fails to teach or suggest the provision of a "globally unique iden tifier" 
for a "user," or the subsequent use of a received "globally unique identifier" to retrieve 
information about the £t user" in Garg, for at least the reasons discussed above with respeci to 
independent claim 27. 

Independent Claims 34 and 36 

Applicant respectfully submits that Garg fails to teach or suggest either a method < >r code 

for accessing a protected object comprising "sending a globally unique identifier for a use * to a 

nam«i resolving device, and receiving there from information about the user," and "sendin » to a 

storage management system containing an object a request for access to the object, the recuest 

including the infoimation about the user " as recited in independent claims 34 and 36. 

Specifically, Garg tails to teach or suggest the provision oi'a "globally unique identifier" 

for a "user." As discussed above, the only identifiers of users in Garg are USERIDs and 

GROUPIDs, neither of which Garg indicates to be "globally unique" in any way. 

Thus, Applicant respectfully submits that independent claims 1, 6, 10, 17, 22, 24, 27, 30, 
34 and 36 arc patentable over the applied reference. Further, Applicant respectfully subnets that 



7 



PAGE 8I9*RCVDAT 3/14/2005 5:54:51 PM [Eastern Standard Time] 1 SVR:USPT0-EFXRF-1/15 1 DNlS:8729306 f C9D:2022937860 t DURATION (miMS):02-26 



03/14/2005 17:57 FAX 2022937860 



© 009/009 



Amendment Under 37 C.RR. §1.11] Attorney Docket # A 7254 / 

U.S. Appln. No. 09/465,514 ST9- '8-094 

rejected dependent claims 2-5, 7-9, 11-16, 1 8-21, 23, 25, 26, 28, 29, 31-33 35, 37 and 38-4 2 are 

allowable, at least by virtue of their dependency. 

Thus, Applicants respectfully request that the Examiner withdraw this rejection. 

Conclusion 

In view of the foregoing, it is respectfully submitted that claims 1-42 are allowable 
Thus it is respectfully submitted that the application now is in condition for allowance wit i all 
of thus claims 1-42. 

If any points remain in issue which the Examiner feels may be best resolved throuj h a 
personal or telephone interview, the Examiner is kindly requested to contact the undersigned at 
the te lephone number listed below. 

Please charge any fees which may be required to maintain the pendency of this 
application, except for the Issue Fee, to our Deposit Account No. 1 '5-4880. 




SUGHRUE MION, PLLC Timothy P. Cremen 

Telephone: (202) 293-7060 Registration No. 50,855 

Facsimile: (202)293-7860 

WASHtNtfVrOMOfPtCf! 

23373 

C USTOMER NUMBER 

Date: March 14, 2005 
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